Pre-Defense: Regulating Smart Devices in Restricted Spaces

Abstract:

Smart personal devices have become ubiquitous, and we increasingly rely on their use in our daily lives. Simultaneously, we as a society are also beginning to place restrictions on how these devices can be used in various environments. Such restricted spaces abound in today’s society.

For instance, enterprises and federal offices that store sensitive information place restrictions on the use of cameras and microphones in smart devices. In classrooms, students are often disallowed from using smart devices during examinations. Moreover, in social settings, people are often reluctant to have their conversations recorded by their friends wearing smart glasses. To date, these restrictions have been enforced using ad hoc methods. One method to prevent these situations is to regulate how smart devices are used in such restricted spaces. In this dissertation, we propose two ARM TrustZone-based solutions to regulate smart devices in restricted spaces. First, we present a systematic approach for restricted space hosts to remotely analyze and regulate guest device use in the restricted space by using low-level remote memory operation. Policies on device use are decided by the hosts that control the restricted space. These policies are enforced by a trusted mechanism that executes on the smart guest device. Second, we present a higher-level abstraction policy enforcement system in the restricted spaces. We leverage Security-Enhanced Linux in Android (SEAndroid) for fine-grained policy enforcement, and Near field communication (NFC) for secure communications.